package com.cfpl.security.expression;

import com.cfpl.admin_service.VO.LoginAdmin;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Collection;
import java.util.List;

/**
 * @Auther: LYP
 * @Date: 2023/10/15 - 13:18
 * @Description: com.cfpl.admin_service.security.expression
 * @version: 1.0
 * 实现自定义权限认证,不需要再通过spring security认证。
 */
@Component
public class MyExpressionRoot {

    public boolean hasAuthority(String authority){
        //获取当前用户的权限
        LoginAdmin loginAdmin = (LoginAdmin) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        List<String> permissionList = loginAdmin.getPermissionList();

        //判断用户权限集合中是否包含指定权限
        return permissionList.contains(authority);
    }

}
